Brazilian National Treasury hit with ransomware attack

Assessments so far did not find damage to key systems, according to the government.

The Brazilian government has released a note stating the National Treasury has been hit with a ransomware attack on Friday (13).

According to a statement from the Ministry of Economy, initial measures to contain the impact of the cyberattack were immediately taken. The first assessments so far have found there was no damage to the structuring systems of the National Treasury, such as the platforms relating to public debt administration.

The effects of the ransomware attack are being analyzed by security specialists from the National Treasury and the Digital Government Secretariat (DGS). The Federal Police has also been notified. The Ministry noted new information on the incident "will be disclosed in a timely manner and with due transparency".

A further statement released jointly with the Brazilian Stock Exchange today (16) noted that the attack did not affect "in any way" the operations of Tesouro Direto - a program that enables the purchase of Brazilian government bonds by individuals.

The incident at the National Treasury follows a major cyberattack that emerged in November 2020 against the Brazilian Superior Electoral Court. The attack brought the Court's systems to a standstill for over two weeks.

At the time, the event was considered to be the most comprehensive attack ever orchestrated against a Brazilian public sector institution in terms of its complexity and the extension of the damage caused.

In July, the Brazilian government announced the creation of a cyberattack response network aimed at promoting faster response to cyber threats and vulnerabilities through coordination between federal government bodies.

The DGS, which operates under the Special Secretariat for Management and Digital Government of the Ministry of Economy, will have a strategic role in the formation of the network. The DGS is the central body of SISP, a system utilized for planning, coordinating, organizing, operating, controlling and supervising the federal government's information technology resources across more than 200 bodies.

In the private sector, major ransomware attacks that emerged in 2021 in Brazil involved large companies such as healthcare firm Fleury and aerospace conglomerate Embraer.